driver/docker-container: remove conditional UsernsMode=host for userns

[thaJeztah]

relates to:

• docker-container: set UsernsMode only when needed #887
  • to address Rootless Docker support (container init caused: write sysctl key net.ipv4.ping_group_range: write /proc/sys/net/ipv4/ping_group_range: invalid argument: unknown) #561
• daemon.WithCommonOptions() fix detection of user-namespaces moby/moby#42736
• [20.10 backport] daemon.WithCommonOptions() fix detection of user-namespaces moby/moby#43084
• api/types/system: move SecurityOpt and DecodeSecurityOptions to client mod moby/moby#50825

---

This special handling was added in 5f8600f, to work around an issue in the daemon. That issue was fixed in moby@a826ca3, which was backported to docker v20.10.13 in moby@660b996.

Given that docker 20.10 reached EOL, and any currently supported version of docker would have the fix from moby@a826ca3, we can remove this special handling.

[thaJeztah]

I see there also was a nestybox / sysbox issue linked to the original PR; in case we need to verify behavior with that somehow;

• Docker buildx workers fail when run inside a sysbox container nestybox/sysbox#384

[thaJeztah]

cc @crazy-max @AkihiroSuda

[AkihiroSuda]

Prior to #887 , UsernsMode was rather unconditionally set to "host".

[thaJeztah]

Wah, sorry, looks like I missed your comment @AkihiroSuda

So, IIUC, before #561, we unconditionally set it to UsernsMode=host, which was a workaround for moby/moby#43084, because the daemon didn't correctly detect user-ns. And #561 made it a bit more granular so that we wouldn't set UsernsMode=host unconditionally, and only when needed.

But (again, IIUC), with moby/moby#43084 now included in the daemon, that handling wouldn't be needed, as it would no longer be needed to set UsernsMode=host ?

But maybe I mis-interpreted the intent here; what's the best way to verify (other than CI in this repo?)